The present invention relates to a semiconductor device resistant to forgery and falsification. More particularly, the invention relates to IC cards.
An example of conventional art of producing IC cards resistant to forgery and falsification has been disclosed in xe2x80x9cProcessing of the 2nd workshop on Electronic Commercexe2x80x9d (Oakland Calif., Nov. 18-20, 1996).
To prevent IC cards from being forged and falsified, the above art stores a unique key code which works as a key in the chip of each IC card. This key code is used as an identification number of a user who is charged for a received service (such as telephone toll, gaming toll, and communication toll). For example, this number is corresponding to a credit-card number. The system offering the service (credit bureau or grantor) draws the charge from the bank account of the customer having the ID number. This key code can also be used for check credit information of the customer.
If a violator reads this important key code stored in memory area of the chip of each IC card, the IC card may be easily duplicated or forged. There are two ways of transferring data between an IC card and a read/write unit (RWU): contact type (making the IC card in contact with the RWU to transfer data) and non-contact type (using a radio technology to transfer data between the IC card and the RWU). Independently of these ways, each IC card contains a memory area and an I/O area through which data is transferred between the IC card and the RWU. This I/O area contains a processor circuit which can perform complicated encryption processing.
The key code stored in the memory area of the IC chip cannot be free from being analyzed and read electrically, physically, or chemically because the key code has been electrically stored in a memory cell in the memory area. In other words, as the memory cell is electrically charged (with electrons) to store a key code, it can be read in a visible form (as a pattern), for example, by an electronic microscope of high resolution. The key code in the memory cell may also be read by a fine machining unit when the memory area and its vicinity are machined until their conductors are exposed and the exposed memory and nearby circuits are driven electrically.
To prevent such illegal reading of the key code, the conventional art employs a battery to back up the operation of the IC card. With this, if any electrical, physical, or chemical attack is made on the IC chip and consequently the battery power is shut down, the content of memory is lost.
For example, using a sensor to detect a destructive attack onto the chip or its vicinity in the IC card with a backup battery, one can create such a circuit to erase the content of the memory in cooperation with the output of the sensor. A static RAM (SRAM) can then be used as a memory cell to assure deletion of the content of memory when the IC card is decomposed and the power is shut off.
Further, a conventional method for creating a code resistant to forgery and falsification has been disclosed in Japanese Non-examined Patent Publication No. 59-10937 (1984). To assure protection of the code against forgery and falsification, this method comprises measuring the resonance frequency and the amplitude and the phase deviation of the returned wave, converting these into a corresponding value according to an algorithm to make the measured values undisclosed, combining this value with a secret identification number into-a code, and storing the result.
This code number is permanently stored in the memory area of the IC chip.
The conventional art of protecting a code in respective IC cards against forgery and falsification requires a battery in each card. Provision of a battery in each IC card causes the following demerits: increase of production cost of IC-cards, the service life of the IC cards is limited by their battery lives, shock-sensitive cards (battery destruction or incomplete contact caused by shocks), and card thickness being limited by battery sizes.
Further, a conventional electrical method of creating a code, for example, a method of using characteristic dispersions of electric circuits, is not resistant enough to protect the code against forgery and falsification because the characteristic dispersion is very narrow, easily measured and duplicated, and the electric circuit is easily decomposed and decoded.
An object of the present invention is to provide an inexpensive and highly-reliable semiconductor device which is hard to be forged and falsified and a method of producing thereof.
The aforesaid object can be attained by giving one or more electrodes whose surfaces are rough (having irregular projections and dents) to both an IC chip and a card base, causing these electrodes to touch each other with the electrodes of the IC chip faced down, measuring the resistance of electrodes in connection, analog-to-digital converting the resistance, and using the result as the key code of the IC card.
The surfaces of electrodes easily change their roughness and resistance in connection when the electrodes in connection are separated. The electrodes cannot have the original resistances any more. Therefore, it is possible to check whether the IC card has been subject to a destructive attack.
Further, this object can be attained more effectively by giving one or more electrodes to both an IC chip and a card base, cementing these electrodes with an electroconductive adhesive material with the electrodes of the IC chip faced down, measuring the resistance of electrodes in connection, analog-to-digital converting the resistance, and using the result as the key code of the IC card.
This electroconductive adhesive material can make the contact resistance (which is an analog value) more unfixed and consequently make the contact resistance dispersion greater.
Furthermore, this object can be attained more effectively by giving one or more electrodes to both an IC chip and a card base, cementing these electrodes with an anisotropic electroconductive adhesive material containing fine conductive particles with the electrodes of the IC chip faced down, measuring the resistance of electrodes in connection, analog-to-digital converting the resistance, and using the result as the key code of the IC card.
Fine gold particles (5 xcexcm to 10 xcexcm in size) dispersed in the anisotropic electroconductive adhesive material can disperse the resistances between electrodes.
A greater effect in resistance dispersion can be obtained when the main ingredient of said electrodes is equal to that of the fine particles dispersed in the anisotropic electroconductive adhesive material.
This object can be attained by giving one or more electrodes whose surfaces are rough (having irregular projections and dents) to both an IC chip and a sheet, covering the IC chip with the sheet with their electrodes in contact, measuring the resistance of electrodes in connection, analog-to-digital converting the resistance, and using the result as the key code of the IC card.
In other words, this sheet coverage enables direct use of conventional processing of IC chips even when the IC cards are conventional faced-up cards, which can reduce the manufacturing cost of IC cards.
This object is attained more effectively by reading the A/D-converted code to the outside of the IC card, encrypting it, and writing the encrypted code back into the memory area in the IC chip of the IC card.
In other words, the IC card can be recognized as a certified IC card when an legally-converted code is written in the chip.
This object is attained more effectively by encrypting the A/D-converted code in the chip of the IC card, reading it to the outside of the IC card, encrypting it again, and writing the encrypted code back into the memory area in the IC chip of the IC card.
Namely, this encryption inside the chip can make the key code in the chip safer even when the data is read by a line monitor.
This object is attained more effectively by storing the key code of an IC card which was read by a read/write unit in a database together with a registration code. In other words, when the key code of an IC card which is put in actual use by system supporting is registered in the database of a system, it can be used safely in the certification system. The registration code can contain an ID number, a name, a password, a personal attribute data, a service history, a credit number, accounting information, and credit rank.
This object can be attained more effectively when the key code of the created IC card is used to protect the IC card against forgery and falsification.
Substantially a key code is expressed by the dispersion of contact resistances. Therefore, it rarely happens that two or more IC cards have an identical key code and it is very hard to prepare cards of the same content.
This object can be attained more effectively when the key code of the created IC card is used for mutual certification between the IC card and a read/write unit.
The key code in accordance with the present invention is very hard to be regenerated and consequently fit for mutual certification.
Further this object can be attained more effectively when the key code of the created IC card is used for mutual certification together with a password or personal physical characteristic code.
In other words, when the key code is stored together with data expressing the physical characteristic of the card owner in the IC card, the IC card becomes unique for the card owner and hard to be forged and falsified.
This object of the present invention is attained more effectively when the code is used together with a biological characteristic code (e.g. palm code, finger print code, smell code, face code, voice code, vein code, pupil code, or DNA code).
The use of a personal code due to the aforesaid biometrics can make personal identification more accurate and assured.
This object of the present invention is attained more effectively when the open key codes and common key codes are decoded by a host system instead of read/write units.
If codes are decoded by a plurality of closed read/write units, a malicious person (third party) may disassemble the read/write unit and read the encrypting system. To reduce such a risk, decoding of such codes should be managed by a very few host systems.
This object of the present invention is attained more effectively when the created key codes are used for personal identification, forgery check, and mutual certification between the IC card and the read/write unit on the used as electronic money.
When the identification of the key code of said IC code is complete and safe, said IC card can be applied to a charging system and the like and particularly said IC card can be used as electronic money.
This object of the present invention is attained more effectively when there are up to four levels of A/D conversion resolution.
Namely, if there are four or less resolution levels, the codes can be regenerated correctly even when contact resistances may change as the time goes by.
This object of the present invention is attained more effectively when the connection area of one set of electrodes is 15 microns or less.
A small, safe and inexpensive key code can be prepared by arranging electrode pads in a small array.
This object of the present invention is attained more effectively when the areas at which electrodes are connected each other are arranged in a matrix manner.
In other words, a compact connection array can be prepared.
This object of the present invention is attained more effectively when the created key code is used to identify an IC card in case two or more IC cards make simultaneous responses. Namely, as there rarely exist IC cards having an identical key code, the key codes can be used to identify the IC cards.
This object of the present invention is attained more effectively by excluding analog values in boundary areas when A/D-converting contact resistances of electrodes whose surfaces are rough (having irregular projections and dents) and connected each other between the IC chip and the card base with the IC chip faced down.
Values on the boundary between analog values and digital values in A-to-D conversion may fluctuate as the time goes by. To avoid such value fluctuation and increase accuracy of values, it is recommended to exclude values on such a boundary or changing the boundary values.
Further, to attain this object, the IC card in accordance with the present invention consists of a card base and a semiconductor chip which are faced to each other. The card base has a set of isolated electrodes which are one-to-one faced to a set of isolated electrodes of the semiconductor chip. The capacitance (resistance) of a space between each pair of facing electrodes is measured and converted into a value and used as a key code of the card.
In other words, the present invention converts the capacitance (resistance) of a space between each pair of isolated and facing electrodes into a numeric value and uses this value as the key code of the IC card. Said capacitance is random but specific to the card and encrypted according to the open key algorithm. Therefore, there is the least possibility that the IC card is forged or falsified by a malicious person.
Said semiconductor chip contains an amplifier. Said amplifier builds up an integrating circuit together with said capacitance and a preset resistor. Said capacitance is converted into a numeric value by A/D-converting a voltage value generated by this integrating circuit. It is needless to say that said resistance as well as the said amplifier are housed in said semiconductor chip in advance.
Said card base and said semiconductor chip respectively have a set of isolated electrodes which are one-to-one faced to the other set of isolated electrodes. The capacitance (resistance) of a space between each pair of facing electrodes is unique and random. Therefore, it is very hard to know a set of said random capacitances even when a malicious person manages to read one of said capacitances. This means that IC cards of the same capacitances are very hard to be duplicated, forged, and falsified.
Said random capacitances can be prepared, for example, by placing a dielectric film made of different kinds of dielectric materials or a plurality of dielectric films of different thicknesses between said isolated electrodes which are faced to each other or forming spaces of different sizes between said isolated electrodes which are faced to each other. Preparing said electrodes of different thicknesses is one of means for forming spaces of different sizes between said isolated electrodes which are faced to each other.
There are some other means to form random capacitances between electrodes. For example, a dielectric material made of dielectric particles of a single kind but of different sizes in diameter can be placed between said isolated but facing electrodes.
The present invention allows the use of one or more of BST (BaSrTiO3), PZT, CaTiO3, and KHZPO4 films.
The IC card prepared in accordance with the present invention is certified as follows: First the read/write unit inquires the IC card equipped with a semiconductor chip containing a key code and a name area of the name of the card owner. The IC card returns the name of the card owner to the read/write unit. On receiving the response from the IC card, the read/write unit sends said name to the database for a key code. The read/write unit generates a open key code using a random number, sends it to said IC card. The IC card encrypts a random number which is randomly generated from said capacitance values and sends the result to the read/write unit. The read/write unit decodes the encrypted data coming from the IC card, compares it by the key code on said data base, and judges whether or not it is valid.
As explained above, the key code is created according to random capacitance values and encrypted by the IC card. Therefore, there may be the least possibility that a malicious third party decodes the key code.
Said database stores names of card owners and key codes of the cards in advance.
The present invention enables the use of various methods of creating random capacitances. One of the most typical methods is using dielectric films of different thicknesses or kinds. A dielectric film whose thickness varies at random can be prepared by forming a dielectric film such as a BST film on the electrodes by a known method or the like and scanning the surface of the film by a laser beam with its intensity varied at random to cause evaporation on the surface of the film. Further said film can be prepared also by placing a layer of dielectric material made of fine dielectric particles between the electrodes of the card base and the electrodes of the IC chip and applying a pressure which varies at random to the film of the dielectric material.